5 THINGS YOU CAN DO TODAY TO MAKE ZOOMING SAFER

Paul Ducklin, principal research scientist, Sophos, discusses how to make your experience with Zoom safer.

Work still means meetings, and meetings still mean people.

But with the coronavirus pandemic having caused many countries to define a “group” as a maximum of two people, and prohibiting people from meeting up face-to-face anyway, even with friends and family, then meeting with people means an online meeting.

For very many of us, that means Zoom, not least because many of us were using Zoom already, and happily, and… or so we thought, safely. But Zoom has had a bunch of security scares recently, as huge numbers of new users flock to it, and as crooks and miscreants try to take advantage of that.

Fortunately, a lot of the problems and risks people are having can be reduced enormously just by getting the basics right.

Unfortunately, a lot of the habits that existing Zoom users have fallen into need to change.

Insecure shortcuts – ways of using Zoom that the old-timers have inadvertently been teaching to the Zoom newcomers – didn’t seem to matter that much before, but they do now. So here are our top 5 “things to get right first” – they shouldn’t take you long, and they are easy to do.

1. Patch early, patch often

the product so that the company can focus on security issues instead. It’s much easier to do that if you aren’t adding new code at the same time.

Why not get into the habit of checking you’re up-to-date every day, before your first meeting? Even if Zoom itself told you about an update the very last time you used it, get in the habit of checking by hand anyway, just to be sure. It doesn’t take long.

By the way, we recommend you do this with all your software – even if you have been using your operating system’s or an app’s autoupdating for years and it’s always been on time, a manual cross-check is quick and easy.

2. Use the Waiting Room option

Set up meetings so that the participants can’t join in until you open it up. And if you suddenly find yourself “on hold until the organiser starts the meeting” when in the past you would have spent the time chatting to your colleagues and getting the smalltalk over with, don’t complain – those pre-meeting meetings are great for socialising but they do make it harder to control the meeting.

Zoom has a dedicated article on the Waiting Room feature on its website.

3. Take control over screen sharing

Until recently, most Zoom meetings (or at least the ones we attended in the not-too-distant era before coronavirus) took a liberal approach to screen sharing.

But the term ZoomBombing entered our vocabulary very forcefully about two weeks ago, when a public “Happy Hour” meeting that was supposed to buoy everyone’s morale turned into an HR nightmare when one of the participants, who had entered under a false name, started sharing pornographic filth. (Unhappily for the organiser of the meeting, he’d chosen that day to invite his parents along as guests of honour.)

Actually, it’s not just screen sharing that can cause trouble. There are numerous controls you can apply to participants in meetings, including blocking file sharing and private chat, kicking out disruptive users, and stopping troublemakers coming back.

Zoom has a dedicated article on Managing participants in a meeting on its website.

4. Use random meeting IDs and set meeting passwords

We know lots of Zoom users who memorised their own meeting ID long ago and had fallen into the habit of using it for every meeting they held – even back-to-back meetings with different groups – because they knew they’d never need to look it up.

But that convenience is handy for crooks, too, because they already have a list of known IDs that they can try automatically in the hope of wandering in where they aren’t supposed to be.

We recommend using a randomly generated meeting ID, and setting a password on any meeting that is not explicitly open to all. You can send the web link by one means, e.g. in an email or invitation request, and the password by another means, e.g. in an instant message just before the meeting starts. (You can also lock meetings once they start to avoid gaining unwanted visitors after you’ve started concentrating on the meeting itself.) Zoom has a dedicated article on Meeting and webinar passwords.
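Points 2 to 4 can be checked mechanically before invitations go out. The following is an added example, not code from the original article or from Zoom: it audits a constructed list of scheduled meetings, and the field names are hypothetical rather than Zoom's API schema.

```python
from collections import Counter

# Constructed sample data. The field names are hypothetical and are not
# Zoom's API schema; map them from whatever export your scheduler provides.
MEETINGS = [
    {"topic": "Weekly staff sync", "meeting_id": "5550001111", "password": "",
     "waiting_room": False, "participants_can_share": True, "public": False},
    {"topic": "Vendor call", "meeting_id": "5550001111", "password": "k3Qz9w",
     "waiting_room": True, "participants_can_share": False, "public": False},
    {"topic": "Open Q&A", "meeting_id": "8274619305", "password": "",
     "waiting_room": True, "participants_can_share": False, "public": True},
    {"topic": "Board review", "meeting_id": "9031846627", "password": "Tm4vR8",
     "waiting_room": True, "participants_can_share": False, "public": False},
]


def audit(meetings):
    """Return {topic: [findings]} for meetings that break points 2 to 4."""
    id_uses = Counter(m["meeting_id"] for m in meetings)
    report = {}
    for m in meetings:
        findings = []
        if not m["waiting_room"]:
            findings.append("waiting room disabled")
        if m["participants_can_share"]:
            findings.append("participants can share screens")
        # The same ID on more than one meeting is the reuse habit from point 4.
        if id_uses[m["meeting_id"]] > 1:
            findings.append("meeting ID reused across meetings")
        # A password is only optional for meetings explicitly open to all.
        if not m["password"] and not m["public"]:
            findings.append("no password on a non-public meeting")
        if findings:
            report[m["topic"]] = findings
    return report


if __name__ == "__main__":
    for topic, findings in audit(MEETINGS).items():
        print(f"{topic}: " + "; ".join(findings))
```
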

5. Make some rules of etiquette and stick to them.

But respect for privacy, a sense of trust, and a feeling of social and business comfort are also important parts of a working life that’s now dominated by online meetings.

If you’re expected or you need to use video, pay attention to your appearance and the lighting. (In very blunt terms: try to avoid being a pain to watch.) Remember to use the mute button when you can.

And most importantly – especially if there are company outsiders in the meeting – be very clear up front if you will be recording the meeting, even if you are in a jurisdiction that does not require you to declare it. And make it clear if there are any restrictions, albeit informal ones, about what the participants are allowed to do with the information they learn in the meeting.

Etiquette isn’t about keeping the bad guys out. But respectful rules of engagement for remote meetings help to make it easy for everyone in the meeting to keep the good stuff in.

GENETEC AUTOVU SHARPZ3

Genetec, a leading technology provider of unified security, public safety, operations, and business intelligence solutions, announced the immediate availability of its next-generation mobile license plate recognition system. The new AutoVu SharpZ3 goes beyond traditional license plate identification and brings new levels of insight in vehicle analytics, situational awareness, and accuracy.

Ideally suited to meet the needs of parking managers who use mobile ALPR as part of their enforcement activities, the new SharpZ3 can help them track the types of vehicle (car, van, truck, bus, motorcycle) in parking lots or around the city, and analyze the evolution of the mix of vehicle types over time. For law enforcement officers who use mobile ALPR to aid investigations, the SharpZ3 allows patrols to flag vehicles based on vehicle type and color where no license plate was identified by a witness.

Highlights:

• The AutoVu SharpZ3 is among the first specialized in-vehicle ALPR systems in the world to use Intel’s latest machine learning and computer vision technology to unlock new insights through innovative analytics.

• The AutoVu SharpZ3 system will not only be able to improve the accuracy of license plate reads in difficult environments (such as bad weather, heavy traffic, and fast speeds), but will also be able to record additional vehicle characteristics such as vehicle type, color, and more, in real-time, and without requiring large amounts of bandwidth.

• Designed with a third optical sensor, the AutoVu SharpZ3 can accurately capture multiple plate designs in complex urban environments. These include flat, embossed, reflective and non-reflective license plates. The extra sensor will also allow more precise positioning of vehicle data on maps to provide more precise occupancy data than before.

• With its modular design, the SharpZ3 gives users the flexibility to add new functionalities over time. This reduces the complication and cost of hardware replacement.

IOT SENSOR BUNDLES FOR INTERACT OFFICE

Employee discomfort, ill health and reduced performance can be linked to a poor-quality office environment. Good quality lighting can already help to increase employee productivity up to 23%. Apart from lighting, there are other environmental elements that impact employee health and wellbeing. For example, higher indoor temperatures and relative humidity can correlate with sneezing, skin redness, itchy eyes, headaches and sore eyes. Poor thermal comfort control leads to a 6% drop in staff performance when offices are too hot, and 4% when too cold. In addition, employee performance can decrease by as much as 66% when there is distracting noise, and it can take an average of 25 minutes to return to a task after an interruption.

SEAGATE’S IRONWOLF 510

Seagate Technology announced the latest in high-performance solutions for multi-user NAS environments, adding to their award-winning IronWolf SSD product line. Seagate’s IronWolf 510 is an M.2 NVMe SSD with caching speeds of up to 3GBps for NVMe-compatible systems and is ideal for creative pros and business NAS needing 24×7 multi-user storage that is cache enabled.

Seagate is arguably the first to provide a purpose-built M.2 NVMe for NAS that goes beyond SATA performance metrics and also provides 3x the endurance when compared to the competition. This meets the required endurance spec of one DWPD which Seagate’s NAS partners expect for their customers. Because of such high endurance, customers get a tough SSD for small business and creative professional NAS environments.

Highlights:

• The IronWolf 510 SSD meets leading top NAS manufacturer requirements of one drive write per day (DWPD), allowing multi-user NAS environments to do more with their data with lasting performance.

• The IronWolf 510 SSD is reliable with 1.8 million hours mean time between failures (MTBF) in a PCIe form factor, two years of Rescue Data Recovery Services, and a five-year limited warranty.

• IronWolf Health Management helps analyze drive health and will soon be available on compatible NAS systems.

• The IronWolf 510 SSD PCIe Gen3 x4, NVMe 1.3 is available in 240GB, 480GB, 960GB, and 1.92TB capacities and is compatible with leading NAS vendors to provide server storage for small and medium-sized businesses and creative professionals that use NAS.

• Combine IronWolf Hard Drives with IronWolf SSDs and benefit from ultra-high capacity, ultra-high endurance, and high-speed caching.

Keeping employees comfortable and healthy in an office is critical. Signify, a leader in lighting, is launching new Philips IoT sensor bundles that collect and deliver data via the Interact Office connected lighting system and Environmental monitoring APIs. The new sensors that are being launched enable businesses to monitor their office environment and optimize conditions for employee health and wellbeing.

The new sensor bundles can monitor occupancy, the number of people, temperature (at room and at desk level), noise levels, daylight levels, relative humidity and are Bluetooth enabled, to provide indoor positioning and navigation capabilities. Bundling and delivering these sensing capabilities into one unit eliminates the need for multiple sensors and is also much more cost effective for businesses. The ability to differentiate the office working experience can help to create a healthy place to work, and help organizations reduce absenteeism.

Highlights:

• These new sensors are smaller than a match box and are easily upgraded on premise with a simple click and swap via an upgradable sensor slot, a unique feature across a range of Philips professional office luminaires.

• There’s no need to take the luminaires out of the ceiling as the sensors can be fitted from the front of the luminaire.

• This future-ready solution means that luminaires can now be upgraded with different sensors at any time. This gives organizations the flexibility to benefit from increased functionality coming along in the future or for example, when a new tenant wants increased functionality.

ONLY 12% OF ORGANIZATIONS HIGHLY PREPARED FOR CORONAVIRUS

Just 12% of more than 1,500 respondents believe their businesses are highly prepared for the impact of coronavirus, while 26% believe that the virus will have little or no impact on their business, according to a recent survey by Gartner, Inc. In a Gartner business continuity webinar on March 6, Gartner experts asked participants how prepared they are for the impact of COVID-19.

Most respondents (56%) rate themselves somewhat prepared, and 11% said they were either relatively or very unprepared. Just 2% of respondents believe their business can continue as normal, highlighting the huge range of businesses that could be affected by the outbreak. Twenty-four percent of respondents expect little disruption, while the majority expect business to continue at a reduced pace (57%), to be severely restricted (16%) or to be discontinued altogether (1%).

The challenge lies partly in the ambiguity inherent to managing an emerging risk such as coronavirus. Organizations often have policies in place to deal with most risks, but they don’t activate them until it’s too late because no one is owning the risk or taking it seriously until it is fully manifested. The threshold for a risk to generate executive action is often too high to enable an effective response.

Having an enterprise risk management (ERM) function in place means that an organization is more likely to see risks coming and then mitigate the impact of those emerging risks more swiftly and effectively. Gartner’s view is that a focus on impacts rather than specific scenarios is best practice for ERM. Companies that wait until the emerging risk is already impacting operations and/or many employees will likely find themselves playing catch up and losing ground to companies that were better prepared.

Companies can get better prepared by considering what interim events could occur that would suggest that a pandemic, or similar emerging risk, is about to sharply increase in terms of its impact or likelihood. By using an ERM approach to identify and prepare for those specific events – and setting up mechanisms to monitor for them – the best companies are better positioned to avoid major disruption.

For those dealing with a crisis response to the coronavirus in their organization, they should have planned responses to specific impacts. For example, what will the company do if one employee gets sick? Ask all employees to self-isolate? Are work-from-home procedures sufficiently mature to support that or will work have to stop? Do suppliers or clients need to be notified? Is finance able to support operations in the event of anticipated losses?

Using an impacts-based method makes it very clear when to trigger a response plan and to start mitigating the effect of specific impacts on an organization. Also having response plans that react to specific impacts means it is simpler to communicate the plan to staff, so that all employees can play a part in managing risk. In fast-moving situations such as this, the more people who are owning risk, the more likely it is that an organizational response will be timely.
